How to find xPub key in your wallet? by Karen Su ...

What is the difference between an xpub address, a HD wallet, and a BIP32 key? /r/Bitcoin

What is the difference between an xpub address, a HD wallet, and a BIP32 key? /Bitcoin submitted by BitcoinAllBot to BitcoinAll [link] [comments]

Blockchain.info BIP32 (xpub) /r/Bitcoin

Blockchain.info BIP32 (xpub) /Bitcoin submitted by BitcoinAllBot to BitcoinAll [link] [comments]

04-22 17:04 - 'A question regarding automated derivation of addresses using xpub and path for Zcash' (self.Bitcoin) by /u/heckslay removed from /r/Bitcoin within 59-69min

'''
Hello,
I'm currently developing an API for my company which utilizes xpub and path to generate an address.
Thing is, I managed to do that for all cryptocurrencies we require except for Zcash. We're using a Trezor hardware wallet, and Trezor Connect doesn't work for us, since we need the flow to be detached from the device itself.
Generally, I'm using the bitcoinjs library for all other coins, yet I couldn't derive the right address format for Zcash. Spent quite a lot of time searching in GitHub issues, but no luck. A word of help would be really great, thanks guys! My code currently looks like this:
const bjs = require('bitcoinjs-lib');   // the library the snippet relies on
const xpub = process.env.ZEC_PUB_KEY;
const network = {
  messagePrefix: '\x18ZCash Signed Message:\n',
  bech32: 't1',
  bip32: { public: 0x0488b21e, private: 0x0488ade4 },
  pubKeyHash: 0x1cb8,
  scriptHash: 0x1cbd,
  wif: 0x80
};
// pathNumber: the index supplied with the request (not defined in the snippet)
const p2wpkh = bjs.payments.p2wpkh({
  pubkey: bjs.bip32.fromBase58(xpub, network).derive(0).derive(pathNumber).publicKey,
  network
});
const payment = bjs.payments.p2sh({ redeem: p2wpkh, network });
const address = payment.address;
'''
A question regarding automated derivation of addresses using xpub and path for Zcash
Go1dfish undelete link
unreddit undelete link
Author: heckslay
submitted by removalbot to removalbot [link] [comments]

What exactly does creating multiple "accounts" in Ledger Live do? Does making a new "account" just generate a new xPub?

Anyone?
submitted by cryptoid43 to ledgerwallet [link] [comments]

Groestlcoin 6th Anniversary Release

Introduction

Dear Groestlers, it goes without saying that 2020 has been a difficult time for millions of people worldwide. The Groestlcoin team would like to take this opportunity to wish our best to everyone coping with the direct and indirect effects of COVID-19. Let it bring out the best in us all and show that collectively, we can conquer anything.
The centralised banks and our national governments are facing unprecedented times with interest rates worldwide dropping to record lows in places. Rest assured that this can only strengthen the fundamentals of all decentralised cryptocurrencies and the vision that was seeded with Satoshi's Bitcoin whitepaper over 10 years ago. Despite everything that has been thrown at us this year, the show must go on and the team will still progress and advance to continue the momentum that we have developed over the past 6 years.
In addition to this, we'd like to remind you all that this is Groestlcoin's 6th Birthday release! In terms of price there have been some crazy highs and lows over the years (with highs of around $2.60 and lows of $0.000077!), but in terms of value, Groestlcoin just keeps getting more valuable! In these uncertain times, one thing remains clear – Groestlcoin will keep going and keep innovating regardless. On with what has been worked on and completed over the past few months.

UPDATED - Groestlcoin Core 2.18.2

This is a major release of Groestlcoin Core with many protocol level improvements and code optimizations, featuring the technical equivalent of Bitcoin v0.18.2 but with Groestlcoin-specific patches. On a general level, most of what is new is a new 'Groestlcoin-wallet' tool which is now distributed alongside Groestlcoin Core's other executables.
NOTE: The 'Account' API has been removed from this version which was typically used in some tip bots. Please ensure you check the release notes from 2.17.2 for details on replacing this functionality.

How to Upgrade?

Windows
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer.
OSX
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), run the dmg and drag Groestlcoin Core to Applications.
Ubuntu
http://groestlcoin.org/forum/index.php?topic=441.0

Other Linux

http://groestlcoin.org/forum/index.php?topic=97.0

Download

Download the Windows Installer (64 bit) here
Download the Windows Installer (32 bit) here
Download the Windows binaries (64 bit) here
Download the Windows binaries (32 bit) here
Download the OSX Installer here
Download the OSX binaries here
Download the Linux binaries (64 bit) here
Download the Linux binaries (32 bit) here
Download the ARM Linux binaries (64 bit) here
Download the ARM Linux binaries (32 bit) here

Source

ALL NEW - Groestlcoin Moonshine iOS/Android Wallet

Built with React Native, Moonshine utilizes Electrum-GRS's JSON-RPC methods to interact with the Groestlcoin network.
GRS Moonshine's intended use is as a hot wallet. Meaning, your keys are only as safe as the device you install this wallet on. As with any hot wallet, please ensure that you keep only a small, responsible amount of Groestlcoin on it at any given time.

Features

Download

iOS
Android

Source

ALL NEW! – HODL GRS Android Wallet

HODL GRS connects directly to the Groestlcoin network using SPV mode and doesn't rely on servers that can be hacked or disabled.
HODL GRS utilizes AES hardware encryption, app sandboxing, and the latest security features to protect users from malware, browser security holes, and even physical theft. Private keys are stored only in the secure enclave of the user's phone, inaccessible to anyone other than the user.
Simplicity and ease-of-use is the core design principle of HODL GRS. A simple recovery phrase (which we call a Backup Recovery Key) is all that is needed to restore the user's wallet if they ever lose or replace their device. HODL GRS is deterministic, which means the user's balance and transaction history can be recovered just from the backup recovery key.

Features

Download

Main Release (Main Net)
Testnet Release

Source

ALL NEW! – GroestlcoinSeed Savior

Groestlcoin Seed Savior is a tool for recovering BIP39 seed phrases.
This tool is meant to help users with recovering a slightly incorrect Groestlcoin mnemonic phrase (AKA backup or seed). You can enter an existing BIP39 mnemonic and get derived addresses in various formats.
To find out if one of the suggested addresses is the right one, you can click on the suggested address to check the address' transaction history on a block explorer.

Features

Live Version (Not Recommended)

https://www.groestlcoin.org/recovery/

Download

https://github.com/Groestlcoin/mnemonic-recovery/archive/master.zip

Source

ALL NEW! – Vanity Search Vanity Address Generator

NOTE: NVidia GPU or any CPU only. AMD graphics cards will not work with this address generator.
VanitySearch is a command-line Segwit-capable vanity Groestlcoin address generator. Add unique flair when you tell people to send Groestlcoin. Alternatively, VanitySearch can be used to generate random addresses offline.
If you're tired of the random, cryptic addresses generated by regular groestlcoin clients, then VanitySearch is the right choice for you to create a more personalized address.
VanitySearch is a groestlcoin address prefix finder. If you want to generate safe private keys, use the -s option to enter your passphrase which will be used for generating a base key as for BIP38 standard (VanitySearch.exe -s "My PassPhrase" FXPref). You can also use VanitySearch.exe -ps "My PassPhrase" which will add a crypto secure seed to your passphrase.
VanitySearch may not compute a good grid size for your GPU, so try different values using -g option in order to get the best performances. If you want to use GPUs and CPUs together, you may have best performances by keeping one CPU core for handling GPU(s)/CPU exchanges (use -t option to set the number of CPU threads).

Features

Usage

https://github.com/Groestlcoin/VanitySearch#usage

Download

Source

ALL NEW! – Groestlcoin EasyVanity 2020

Groestlcoin EasyVanity 2020 is a Windows app built from the ground up that makes it easier than ever before to create your very own bespoke bech32 address(es) whilst not connected to the internet.
If you're tired of the random, cryptic bech32 addresses generated by regular Groestlcoin clients, then Groestlcoin EasyVanity2020 is the right choice for you to create a more personalised bech32 address. This 2020 version uses the new VanitySearch to generate not only legacy addresses (F prefix) but also Bech32 addresses (grs1 prefix).

Features

Download

Source

Remastered! – Groestlcoin WPF Desktop Wallet (v2.19.0.18)

Groestlcoin WPF is an alternative full node client with optional lightweight 'thin-client' mode based on WPF. Windows Presentation Foundation (WPF) is one of Microsoft's latest approaches to a GUI framework, used with the .NET framework. Its main advantages over the original Groestlcoin client include support for exporting blockchain.dat and including a lite wallet mode.
This wallet was previously deprecated but has been brought back to life with modern standards.

Features

Remastered Improvements

Download

Source

ALL NEW! – BIP39 Key Tool

Groestlcoin BIP39 Key Tool is a GUI interface for generating Groestlcoin public and private keys. It is a standalone tool which can be used offline.

Features

Download

Windows
Linux :
pip3 install -r requirements.txt
python3 bip39_gui.py

Source

ALL NEW! – Electrum Personal Server

Groestlcoin Electrum Personal Server aims to make using Electrum Groestlcoin wallet more secure and more private. It makes it easy to connect your Electrum-GRS wallet to your own full node.
It is an implementation of the Electrum-grs server protocol which fulfils the specific need of using the Electrum-grs wallet backed by a full node, but without the heavyweight server backend, for a single user. It allows the user to benefit from all Groestlcoin Core's resource-saving features like pruning, blocks only and disabled txindex. All Electrum-GRS's feature-richness like hardware wallet integration, multi-signature wallets, offline signing, seed recovery phrases, coin control and so on can still be used, but connected only to the user's own full node.
Full node wallets are important in Groestlcoin because they are a big part of what makes the system trustless. No longer do people have to trust a financial institution like a bank or PayPal; they can run software on their own computers. If Groestlcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine.
Full node wallets are also important for privacy. Using Electrum-GRS under default configuration requires it to send (hashes of) all your Groestlcoin addresses to some server. That server can then easily spy on your transactions. Full node wallets like Groestlcoin Electrum Personal Server would download the entire blockchain and scan it for the user's own addresses, and therefore don't reveal to anyone else which Groestlcoin addresses they are interested in.
Groestlcoin Electrum Personal Server can also broadcast transactions through Tor, which improves privacy by resisting traffic analysis of broadcast transactions, which can link the IP address of the user to the transaction. If enabled, this happens transparently whenever the user simply clicks "Send" on a transaction in the Electrum-grs wallet.
Note: Currently Groestlcoin Electrum Personal Server can only accept one connection at a time.

Features

Download

Windows
Linux / OSX (Instructions)

Source

UPDATED – Android Wallet 7.38.1 - Main Net + Test Net

The app allows you to send and receive Groestlcoin on your device using QR codes and URI links.
When using this app, please back up your wallet and email it to yourself! This will save your wallet in a password-protected file. Then your coins can be retrieved even if you lose your phone.

Changes

Download

Main Net
Main Net (FDroid)
Test Net

Source

UPDATED – Groestlcoin Sentinel 3.5.06 (Android)

Groestlcoin Sentinel is a great solution for anyone who wants the convenience and utility of a hot wallet for receiving payments directly into their cold storage (or hardware wallets).
Sentinel accepts XPUBs, YPUBs, ZPUBs and individual Groestlcoin addresses. Once added you will be able to view balances, view transactions, and (in the case of XPUBs, YPUBs and ZPUBs) deterministically generate addresses for that wallet.
Groestlcoin Sentinel is a fork of Groestlcoin Samourai Wallet with all spending and transaction building code removed.

Changes

Download

Source

UPDATED – P2Pool Test Net

Changes

Download

Pre-Hosted Testnet P2Pool is available via http://testp2pool.groestlcoin.org:21330/static/

Source

submitted by Yokomoko_Saleen to groestlcoin [link] [comments]

Mycelium announces Mycelium Gear

Mycelium proudly announces the release of its first online service, Mycelium Gear, based on the Straight Server developed by Roman Snitko, who has joined our team and is now leading this project.
Mycelium Gear is a merchant processor which demonstrates something that has never been possible before Bitcoin: the ability for merchants to use a full featured merchant processor to receive payments online, and have the money go straight into their own wallets, even if that wallet is running on their own phone in their pocket. Mycelium Gear does not hold any money on the merchant’s behalf, meaning there are no days of waiting for the money to arrive into your bank account, no risk of money being lost by the merchant processor, no need to fill out applications where you give out tons of personal information, and no complicated restrictive policies. All of this means that the costs of running this service are almost zero, which is also what it costs for you to use it: it’s absolutely free. Its simplicity also means that it’s very easy to set up: you can have it up and running on your site within minutes.
Mycelium Gear relies on the unique benefits of BIP32 HD wallets, which use a single unique random number, called a seed, to generate a list of public bitcoin addresses (called an xpub key), and a corresponding list of private keys (xpriv key) for each of those addresses. When using Mycelium Gear, you give it only the xpub key that generates a unique bitcoin address for each customer invoice, while you keep the private xpriv key - the part that actually allows you to spend that money - only in your own wallet. Mycelium Gear also allows you to set your prices in other currencies, such as USD and EUR, and automatically adjust the amount of bitcoin for the invoice based on the bitcoin price at the time of purchase. When a purchase is made, Mycelium Gear presents the customer with an invoice with a bitcoin address to send their payment to. When the invoice is paid, Mycelium Gear monitors the public Bitcoin blockchain and notifies the merchant’s web store when a payment is detected. Since all bitcoin payment addresses are those of the merchant’s own private wallet, Mycelium Gear never needs to interact with any money directly.
Mycelium Gear is designed for both basic and advanced users. For basic users without a lot of programming experience, it provides an easy step-by-step walkthrough that creates a widget they can easily copy/paste into their website. For more advanced users, Mycelium Gear has a full API, including detailed documentation on how to implement it into your own shopping cart software.
Mycelium’s hope is that Gear will encourage even more merchants to adopt bitcoin and completely change the way merchant transactions are done, thus continuing our goal of decentralizing everything, improving privacy, and eliminating unnecessary third parties in the Bitcoin economy.
submitted by Rassah to Bitcoin [link] [comments]

Groestlcoin Christmas Release!

Groestlcoin Dec 2018 Christmas Release Update

As per usual, the last 3 months have been all hands on deck, helping to bring further adoption utilities to Groestlcoin. The markets have been red, but as always that doesn't stop the show from going on with regards to development since the last release update on 24th September. Here's a recap of what has happened so far:

Recap:

What’s New Today?

Groestlcoin on Trezor Model T

As of the latest version of the Trezor Model T firmware, Groestlcoin is now officially supported! The Trezor Model T is the next-generation cryptocurrency hardware wallet, designed to be your universal vault for all of your digital assets. Store and encrypt your coins, passwords and other digital keys with confidence. The Trezor Model T now supports over 500 cryptocurrencies.

Blockbook MainNet & TestNet Block Explorer

Blockbook is an open-source Groestlcoin blockchain explorer with complete REST and websocket APIs that can be used for writing web wallets and other apps that need more advanced blockchain queries than provided by groestlcoind RPC.
Blockbook REST API provides you with a convenient, powerful and simple way to read data from the groestlcoin network and with it, build your own services.

Features:

Blockbook is available via https://blockbook.groestlcoin.org/ Testnet: https://blockbook-test.groestlcoin.org/ Source code: https://github.com/Groestlcoin/blockbook

Edge Wallet

Groestlcoin has been added to the Edge wallet for Android and iOS. Edge wallet is secure, private and intuitive. By including support for ShapeShift, Simplex and Changelly, Edge allows you to seamlessly shift between digital currencies, anywhere with an internet connection.

Features:

Android: https://play.google.com/store/apps/details?id=co.edgesecure.app
iOS: https://itunes.apple.com/us/app/edge-bitcoin-wallet/id1344400091?mt=8
Direct Android: https://edge.app/app

CoinID Wallet

We are excited to announce that Groestlcoin has been added to CoinID! With integrated cold and hot wallet support, and a host of other unique wallet features, CoinID can easily become your go-to wallet for storing Groestlcoin. More details can be found here: https://coinid.org/s/groestlcoin-wallet-overview.pdf

Features

Android: https://play.google.com/store/apps/details?id=org.coinid.wallet.grs
iOS: https://itunes.apple.com/us/app/grs-wallet-for-coinid/id1439638550

Groestlcoin Sentinel - Windows Released

Groestlcoin Sentinel is the easiest and fastest way to track balances of your Groestlcoin addresses.
Features
You can download it using the links below.
Download the Windows Wallet (64 bit) here: https://github.com/Groestlcoin/Groestlcoin-Sentinel-Windows/releases/download/1.0/SentinelSetup_x64.msi
Download the Windows Wallet (32 bit) here: https://github.com/Groestlcoin/Groestlcoin-Sentinel-Windows/releases/download/1.0/SentinelSetup_x86.msi
Source code: https://github.com/Groestlcoin/Groestlcoin-Sentinel-Windows/

Groestlcoin BIP39 Tool 0.3.9 Update

The Groestlcoin BIP39 tool is an open-source web tool for converting BIP39 mnemonic codes to addresses and private keys. This enables the greatest security against third-party wallets potentially disappearing: you’ll still have access to your funds thanks to this tool.
What’s New
Download the Groestlcoin BIP39 tool here: https://github.com/Groestlcoin/bip39/archive/master.zip
Source code: https://github.com/groestlcoin/bip39
Or use hosted version: https://groestlcoin.org/bip39/

Electrum-GRS 3.2.3 Update

Electrum-GRS is a lightweight "thin client" Groestlcoin wallet for Windows, MacOS and Linux, based on a client-server protocol. Its main advantages over the original Groestlcoin client include support for multi-signature wallets and not requiring the download of the entire block chain.
What’s New

Electrum + Android Version 3.2.3:

Android: https://play.google.com/store/apps/details?id=org.groestlcoin.electrumgrs
Windows & OSX: https://github.com/Groestlcoin/electrum-grs/releases/
Linux:
sudo apt-get install python3-setuptools python3-pyqt5 python3-pip python3-dev libssl-dev
sudo pip3 install groestlcoin_hash
sudo pip3 install https://github.com/Groestlcoin/electrum-grs/releases/download/v3.2.3/Electrum-grs-3.2.3.tar.gz
electrum-grs
GitHub Source server: https://github.com/Groestlcoin/electrumx-grs
Github Source server installer: https://github.com/Groestlcoin/electrumx-grs-installer
Github Source client: https://github.com/Groestlcoin/electrum-grs

Groestlcoin ivendPay Integration

ivendPay and Groestlcoin cryptocurrency have announced the start of integration.
IT company ivendPay, the developer of a universal multicurrency payment module for automatic and retail trade, intends to integrate Groestlcoin cryptocurrency — one of the oldest and the most reputable Bitcoin forks into the payment system. Groestlcoin is characterized by instant transactions with almost zero commission and is optimal for mass retail trade where micropayments are mostly used.
According to Sergey Danilov, founder and CEO of ivendPay, Groestlcoin will become the 11th cryptocurrency integrated into the payment module. The first working vending machines for the sale of coffee, snacks and souvenirs, equipped with ivendPay modules, served the visitors of the CryptoEvent RIW exhibition at VDNKh in Moscow and accepted Bitcoin, Go Byte, Dash, Bitcoin Cash, Ethereum, Ethereum Classic, Zcash, Bitcoin Gold, Dogecoin and Emercoin. ivendPay terminals are designed and patented to accept payments in electronic money, cryptocurrencies and cash when connecting the corresponding cash terminal. Payment for the purchase takes a few seconds, the choice of the payment currency occurs at the time of placing the order on the screen, the payment is made by QR-code through the cryptocurrency wallet on the smartphone.
The interest in equipping vending machines with ivendPay terminals has already been shown by companies in Malaysia and Israel, where the first test networks will be installed. ivendPay is compiling a waiting list of vending networks interested in buying terminals and is searching for an investor to launch industrial production. According to Sergey Danilov, the universal ivendPay payment terminal for vending machines will cost about $500. The founder of ivendPay has welcomed the appearance of Groestlcoin among the integrated cryptocurrencies, as it is another step towards the realization of the basic idea of digital money: free and cross-border access to goods and services for everybody.
submitted by Yokomoko_Saleen to groestlcoin [link] [comments]

Bitcoin addresses in Ledger Nano S

Hello,
I did a transfer from my Segwit address to one of my Bitcoin Legacy addresses on my Ledger Nano for the Byteball Airdrop. For that I used one of the addresses shown in the list when you need to sign a message. All the addresses showing in this list are valid addresses of my Bitcoin Legacy wallet, right?
I did the transfer and now my BTC aren't showing up in my Bitcoin Legacy wallet.
Why is that?
Thanks for your inputs.
EDIT: I found my coins back thanks to stiVal!! When you have sent coins to an unused address of your Ledger, you just need to activate it via the console in Electrum:
1. Install Electrum and link it to your Ledger.
2. Export the xpub of your Ledger (legacy Bitcoin).
3. Go to https://iancoleman.io/bip39/ and, in the "Derivation Path" section, open the BIP32 tab.
4. Copy/paste your xpub into the "BIP32 Extended Public Key" box. A whole bunch of addresses will appear below.
5. Find the address you sent your coins to and check its path (on the left side, next to the key).
6. Log in to Electrum and check the addresses of your Ledger.
7. If the address doesn't show up, go to View > Show Console; a new "Console" tab will appear.
8. Copy/paste "wallet.create_new_address(False)" until you find the address you sent your coins to. Profit!
Hope this helped! :)
submitted by Ninquelote to ledgerwallet [link] [comments]

how to recovery my bitcoins from electrum?

I am using the Electrum wallet. Recently I used my public master key at this site: www.gear.mycelium.com and created a widget. This widget generates bitcoin addresses and sends them to my Electrum wallet. I received some bitcoins at the generated addresses (I see my transaction on blockchain.info), but I cannot see my generated address in my Electrum wallet! I also cannot see my generated address under the xpub on blockchain.info.
submitted by f4t4l1 to Bitcoin [link] [comments]

Monitoring transactions by script template

Setting up walletnotify in bitcoin.conf will work if the wallet is aware of the address.
In my case, the wallet would not always be aware of the address that I need to monitor. But if a specific redeem script template is watched, my app will be able to recognize whether an address belongs to a specific xpub (BIP32). Is there a way to use bitcoind to monitor new transactions by redeem script template for P2SH, where the public keys are not known in advance? Thanks.
submitted by zninja-bg to Bitcoin [link] [comments]

Anyone familiar with cryptography/bitcoin/bitwasp classes who can help with an issue?

edit: $100 btc reward for the resolution!
I have been following this guide: https://freedomnode.com/blog/58/generate-bitcoin-wallet-addresses-from-extended-public-key-with-php
to try and derive legacy bitcoin addresses from an xpub key from my Electrum wallet, using the bitwasp classes as specified in the guide. With the latest repository changes, it seems to have broken this method of generation somehow, and there are comments with the exact error I am getting on the guide article but no solutions anywhere. This is my error:
Fatal error: Uncaught InvalidArgumentException: Invalid fingerprint for BIP32 key, must be in range [0 - (2^31)-1] inclusive
After looking at where this error is thrown, in vendor\bitwasp\bitcoin\src\Key\Deterministic\HierarchicalKey.php (line 82):
if ($parentFingerprint < 0 || $parentFingerprint > IntRange::U32_MAX) {
    throw new \InvalidArgumentException('Invalid fingerprint for BIP32 key, must be in range [0 - (2^31)-1] inclusive');
}
$parentFingerprint is 0 when I echo it but i do not know how any of these classes work enough to debug it.
Can anyone follow this guide and see if they can replicate my issue please? I used the exact sample code provided for xpub keys.
Full stack trace:
Fatal error: Uncaught InvalidArgumentException: Invalid fingerprint for BIP32 key, must be in range [0 - (2^31)-1] inclusive in [path_redacted]\vendor\bitwasp\bitcoin\src\Key\Deterministic\HierarchicalKey.php:82
Stack trace:
#0 [path_redacted]\vendor\bitwasp\bitcoin\src\Serializer\Key\HierarchicalKey\ExtendedKeySerializer.php(147): BitWasp\Bitcoin\Key\Deterministic\HierarchicalKey->__construct(Object(BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Adapter\EcAdapter), Object(BitWasp\Bitcoin\Key\KeyToScript\Factory\P2pkhScriptDataFactory), 0, 0, 0, Object(BitWasp\Buffertools\Buffer), Object(BitWasp\Bitcoin\Crypto\EcAdapter\Impl\PhpEcc\Key\PublicKey))
#1 [path_redacted]\vendor\bitwasp\bitcoin\src\Serializer\Key\HierarchicalKey\ExtendedKeySerializer.php(159): BitWasp\Bitcoin\Serializer\Key\HierarchicalKey\ExtendedKeySerializer->fromParser(Object(BitWasp\Bitcoin\Network\Networks\Bitcoin), Object(BitWasp\Bufferto
in [path_redacted]\vendor\bitwasp\bitcoin\src\Key\Deterministic\HierarchicalKey.php on line 82
Thank you for any knowledge that can be shared on this!
submitted by Bolshoi-Booze to PHPhelp [link] [comments]

03-02 20:15 - 'Generating HD wallet addresses from xpub key using PHP, up to date method? $100 BTC reward for help!' (self.Bitcoin) by /u/Bolshoi-Booze removed from /r/Bitcoin within 136-146min

'''
Hi, I've been trying to get this working for a short while now and I am at a loss of what else to do.
I initially found this guide: [link]1
But have been getting this error:
Fatal error: Uncaught InvalidArgumentException: Invalid fingerprint for BIP32 key, must be in range [0 - (2^31)-1] inclusive in [path_redacted]\vendor\bitwasp\bitcoin\src\Key\Deterministic\HierarchicalKey.php:82 
I believe this error is caused by a fairly recent change to the repository, I've tried using these examples:
[link]2
[link]3
Same issue, can anyone with more knowledge on this help to debug? Able to offer a $100 BTC reward! Thanks :)
Pinging turbr0 loserkids bitcointhailand
'''
Generating HD wallet addresses from xpub key using PHP, up to date method? $100 BTC reward for help!
Go1dfish undelete link
unreddit undelete link
Author: Bolshoi-Booze
1: free**mn*de.com/bl**/5*/gen*r*te-bit***n-walle*-**dress**-*ro*-exten*ed-pub*ic-ke*-wi*h-p*p 2: gis*.gi*hub.**m/d**tsp**k/8cc1d*7*7e97bcf*fa563**3102*97c1 3: w**.*ed*it.co*/Bit*oin/comments/4j**8c/ph***o_generate_hd_ad*res*es_*odi*g**s****/
Unknown links are censored to prevent spreading illicit content.
submitted by removalbot to removalbot [link] [comments]

BIP 39, 44 and 32 confusion

Hi!
I am using Coinomi as my main wallet, and it is apparently using BIP44, 39 and 32 (excuse my ignorance as to which does what).
I am trying to "save" my wallet by exporting keys, while trying to understand how all this works. From what I've read in various places, the BIP32 Extended Public and Private keys are used to generate all the addresses that can be used for transactions.
However, using the tool to extract the keys from my BIP39 passphrase (https://coinomi.com/recovery-phrase-tool.html), I don't seem to be able to get the "right keys". More detail:
My questions:
Looking forward to understanding more how this works, it's still quite confusing to me.
submitted by sangoria to Bitcoin [link] [comments]

Converting DASH drkp master public key to xpub or drkv public key

We are using cryptowoo to accept Bitcoin payments through our site and would like to start supporting DASH. The problem is that we would like to do this through the Trezor hardware wallet and it will only generate the drkp style of public key.
Cryptowoo will only accept xpub or drkv forms of the public key, so the addresses cannot be generated.
I was able to find these two snippets of code which suggest that it's possible but I don't know how to compile them etc. Is there a simple way to convert these address types? Why does DASH use three forms?
https://www.snip2code.com/Snippet/1058083/BIP32-serialization-version-byte-swap-us
https://codegists.com/code/convert%20xpub%20drkv/
Thanks in advance
submitted by Reagent_Tests_UK to dashpay [link] [comments]

Proposal: bip32 version bytes for segwit scripts | Thomas Voegtlin | Sep 05 2017

Thomas Voegtlin on Sep 05 2017:
BIP32 extended public/private keys have version bytes that result in the
user visible xpub/xprv prefix. The BIP's recommendation is to use
different version bytes for other networks (such as tpub/tprv for testnet)
I would like to use additional version bytes to indicate the type of
output script used with the public keys.
I believe the change should be user visible, because users are exposed
to master public keys. I propose the following prefixes:
========== =========== ===================================
Version    Prefix      Description
========== =========== ===================================
0x0488ade4 xprv        P2PKH or P2SH
0x0488b21e xpub        P2PKH or P2SH
0x049d7878 yprv        (P2WPKH or P2WSH) nested in P2SH
0x049d7cb2 ypub        (P2WPKH or P2WSH) nested in P2SH
0x04b2430c zprv        P2WPKH or P2WSH
0x04b24746 zpub        P2WPKH or P2WSH
========== =========== ===================================
(source: http://docs.electrum.org/en/latest/seedphrase.html)
I have heard the argument that xpub/xprv serialization is a format for
keys, and that it should not be used to encode how these keys are used.
However, the very existence of version bytes, and the fact that they are
used to signal whether keys will be used on testnet or mainnet goes
against that argument.
If we do not signal the script type in the version bytes, I believe
wallet developers are going to use dirtier tricks, such as the bip32
child number field in combination with bip43/bip44/bip49.
Thomas
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-September/014907.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]

Notes on a first quick test of NTumblebit, on Linux and regtest.

I just thought I'd jot down a few notes on the experience of trying out the current NTumbleBit code.
This is testing on regtest, done for the simple reason that you don't have to wait for testnet blocks (nor sync testnet which is mildly annoying). At this stage I just wanted to learn how this works.
Your starting point is this wiki page.

Installation

You need to download Bitcoin Core. Use at least 0.13.1 - this turned out to be the only major blocking point in the whole test, funnily enough, for me - it took me a few hours(!) of debugging to realize that the reason my wallet's coins were not being recognized was simply that 0.12.1 didn't support the necessary RPC syntax. (Note to devs: is there a way to expose errors/exceptions to the user in the client to help with under-the-hood errors like that? RPC configuration errors are exposed, so that's good of course.)
Since this is regtest, that's it: you don't need to sync any blockchains :)
However, you do of course have to configure and start it. Put a bitcoin.conf somewhere (if you're currently running a node it's easiest to make a separate one from your main ~/.bitcoin/bitcoin.conf one, of course). I put one in ~/bitcoin.conf with these settings:
rpcuser=bitcoinrpc
rpcpassword=123456abcdef
(you'll need those values again in a minute) and then run with
~/bitcoininstallationdir/bitcoind -regtest -daemon -conf=homedir/bitcoin.conf
(I didn't need to add server=1 to config).
Note that coins are not available until maturity, so you need to use the generate command to mine blocks, like this:
~/bitcoininstallationdir/bitcoin-cli -regtest -rpcuser=bitcoinrpc -rpcpassword=123456abcdef generate 101
Now your regtest bitcoind is running, you can move on to Tumblebit. Follow the instructions in the wiki page mentioned at the start; install .Net Core - the Microsoft instructions are easy to follow, just a couple of apt-gets and install the *.deb. Next, clone the github repo and run the Unit Tests. They passed first time for me.

Running

Next, start up the server, following the instructions in the wiki, except note you're using regtest, so:
cd NTumbleBit.TumblerServer
dotnet run -regtest
The first start up will compile but also set up RSA keys, all that is fine without changes, but you'll need to edit the config so that the RPC is pointing at your regtest instance properly. In this case it (the new config should be located in ~/.ntumblebit/RegTest/server.config) should be edited to look like:
rpc.url=http://localhost:18332/
rpc.user=bitcoinrpc
rpc.password=123456abcdef
#rpc.cookiefile=yourbitcoinfolder/.cookie
Then restart and check you get no RPC errors. Leave that console open, it's running a server loop.
Next, configure and start the client. Note, we are still following the wiki page, except for the regtest element, so:
cd NTumbleBit.CLI
dotnet run -regtest
You'll most likely get an RPC error again, before it shuts down. Now we need to edit the ~/.ntumblebit/RegTest/client.config file. The server can be left as the default localhost:5000, but you need the right RPC settings:
rpc.url=http://localhost:18332/
rpc.user=bitcoinrpc
rpc.password=123456abcdef
#rpc.cookiefile=yourbitcoinfolder/.cookie
tumbler.server=http://localhost:5000
outputwallet.extpubkey=
outputwallet.keypath=0
the last two fields are the important bit, which the wiki page explains in some detail for the testnet case.

Details on setting up a receiving wallet (for this test!)

What you need is a BIP32 based wallet (HD) that supports testnet, and can be run against regtest here (which in most cases will be the same thing to a wallet, as long as it can connect via RPC to sync itself). The good news is the wallet doesn't need to contain any coins. The details of the following probably won't be suitable for most (if you've never used joinmarket it's a bit convoluted), so you'll probably want to find another easy to use wallet; the wiki page should be a good starting point.
For my test I used joinmarket; all we need to do is (a) hook it up to the regtest instance, and (b) extract the BIP32 xpub key that we'll be sending coins to. So in my case the flow of coins is:
Regtest Bitcoin Core wallet (containing 'mined' coins) -> one branch of my BIP32 joinmarket wallet, configured to sync against the same regtest instance.
I used my new joinmarket code but it's the same for the main joinmarket code. I overwrote joinmarket.cfg to have regtest settings (use this file; only the highlighted settings matter, those are the right ones for this test), then just run python wallet-tool.py randomseed. "randomseed" there can be literally anything, it's read as a brainwallet style seed for the bip32 wallet (because testnet, we don't care about its insecurity). The tpub.. keys seen for each branch are the "xpub" public keys at that branch of the BIP32 wallet. Tumblebit is going to send to a branch below whatever xpub we need, so the simplest is to add a print statement to print the xpub key above that; e.g. add this code:
for i in range(max_mix_depth):
    print('master for index: ' + str(i) + ' : ' + btc.bip32_privtopub(mixing_depth_keys[i]))
immediately above this line. Then run again python wallet-tool.py randomseed.
Extract an xpub for any one of the "mixdepths", e.g. I chose:
master for index: 3 : tpubDBFGvUbWtEPKXeWPeG7rUh98iV9GuXSDbnk6ZrZHjcmp134BPByT293HPPQ93DktrVFKpZeAU1ULSdyfmwWuUGvUVLP19JkdUq2mzNKFJPR 
and put that tpub.. key into the field pubkey in the above mentioned 'client.config':
outputwallet.extpubkey=tpubDBFGvUbWtEPKXeWPeG7rUh98iV9GuXSDbnk6ZrZHjcmp134BPByT293HPPQ93DktrVFKpZeAU1ULSdyfmwWuUGvUVLP19JkdUq2mzNKFJPR
outputwallet.keypath=0
Now save and quit.

Running the tumble

Restart the client. If RPC is right, it'll start running, waiting for blocks. Your regtest Core instance will have coins (after the previous generate 101), and those coins will be automatically tumbled, one coin at a time, into the output wallet (in my case, the branch m/0/3/0 which is labelled there 'mixdepth 3, external').
Now you can test and watch the process! Open up a third console and repeatedly generate blocks:
/path/to/bitcoin/bin/bitcoin-cli -regtest -rpcpassword=123456abcdef generate 1 
As each block is generated you'll see the state in the client terminal window updating, showing the phases. A new 'epoch' (right term?) is started every N blocks (I haven't investigated the timing yet), and several epochs run concurrently. In each one, the client can pay in 1 Bitcoin (from Core) and eventually get out 1 coin - fees to the destination (Joinmarket in my case, any other BIP32 in yours). You can replace generate 1 with generate N but I'm not sure if the code will always correctly handle you mining lots of blocks at once! After a large enough number of blocks you'll start to see 'ClientCashout phase' occurring, and txids being printed out. You can go back to your (JM or other) wallet and see the coins arriving; here's what I see after a few epochs have gone through (using my python wallet-tool.py randomseed command):
for mixdepth=2 balance=0.00000000btc
mixing depth 3 m/0/3/
 external addresses m/0/3/0 tpubDDMAxSHJmxzeXwDnATuvtDizqNSsQKpXGufBDnER44BzEbHy7kg485zZwHqvzprgf6yEQYg9qYYfsLYS1HMmdSuXDzQb2dJSiga9geyM62R
  m/0/3/0/007 mw9s7tYucxB9yr2L6HkqeDVsh3wdgMdcyK used 0.99995750 btc
  m/0/3/0/008 mq5TgTNgwYHv88Q4T7wL6kTb1MBSPE3mqK used 0.99995750 btc
  m/0/3/0/009 mhzQFY8FNvux6SKWKLKmhBB3Sw4MLaSnyu used 0.99995750 btc
  m/0/3/0/010 mrYECmCf5UKa1BBRMuzprVugsCi9z7oiHo new 0.00000000 btc
  m/0/3/0/011 mopUNXmHT8ngfBymM3c3EYMg7RLZAf6Zc6 new 0.00000000 btc
  m/0/3/0/012 mmaVXVfQP4UAYJPhMpQ3FhgXfHzujaxyw4 new 0.00000000 btc
  m/0/3/0/013 mzYD1AcUFz8SVwJM8EjVCfEM6pcYnHooBR new 0.00000000 btc
  m/0/3/0/014 my5unLCEMWQBkXBdeJ75VVGk1wrMrT8iDE new 0.00000000 btc
  m/0/3/0/015 muA76YSTtKKmD6HnVKYhkd9K9TZnPLh8pp new 0.00000000 btc
 internal addresses m/0/3/1
for mixdepth=3 balance=2.99987250btc
As you can see, 3 coins have arrived.
submitted by waxwing to TumbleBit [link] [comments]

Why aren't the Litecoin BIP32 serialization values updated in Litecoin Core source?

According to tons of posts all over the internet, Litecoin BIP32 public keys should start with "Ltub" and private with "Ltpv". But the actual source of the reference client still has the version bytes which serialize to the Bitcoin "xpub/xprv" values.
https://github.com/litecoin-project/litecoin/blob/master-0.10/src/chainparams.cpp#L169-L170
I would think that the reference client would be the definitive source for what the values actually should be, right? But according to the Litecoin Core reference client, they "should" be "xpub/xprv".
Does anyone know where were these values established originally and is there a reason they've not been added to Litecoin Core?
submitted by nmarley to litecoin [link] [comments]

Electrum 3.0 release | Thomas Voegtlin | Nov 02 2017

Thomas Voegtlin on Nov 02 2017:
Electrum 3.0 was tagged and released yesterday night.
Release notes:

Release 3.0 - Uncanny Valley (November 1st, 2017)

Electrum Technologies GmbH / Waldemarstr 37a / 10999 Berlin / Germany
Sitz, Registergericht: Berlin, Amtsgericht Charlottenburg, HRB 164636
Geschäftsführer: Thomas Voegtlin
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-November/015235.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]

BIP 32/39/44 Seed Portability?

This article - Why do my BIP32 wallets disagree? is a bit disconcerting.
Results below provide evidence by example that Trezor and libbitcoin's bitcoin-explorer (bx) command line interface have seed portability.
I thought I would try using the bitcoin-explorer (bx) command to see results generated to contrast to the article for m/44'/60'/0'/0/0.
% echo "radar blur cabbage chef fix engine embark joy scheme fiction master release" | bx mnemonic-to-seed | bx hd-new -v 76066276 | bx hd-private -d -i 44 | bx hd-private -d -i 60 | bx hd-private -d -i 0 | bx hd-private -i 0 | bx hd-private -i 0 | bx hd-to-ec
b96e9ccb774cc33213cbcb2c69d3cdae17b0fe4888a1ccd343cbd1a17fd98b18
*For an uncompressed public key:*
% echo b96e9ccb774cc33213cbcb2c69d3cdae17b0fe4888a1ccd343cbd1a17fd98b18 | bx ec-to-public -u
0405b7d0996e99c4a49e6c3b83288f4740d53662839eab1d97d14660696944b8bbe24fabdd03888410ace3fa4c5a809e398f036f7b99d04f82a012dca95701d103
After dropping the leading 0x04 from the uncompressed public key, a Keccak hash function (used by both Ethereum and Monero; it is not NIST's SHA3-256) is applied.
% ./keccak -256 05b7d0996e99c4a49e6c3b83288f4740d53662839eab1d97d14660696944b8bbe24fabdd03888410ace3fa4c5a809e398f036f7b99d04f82a012dca95701d103
0AB3387A148B3C4B18C333FCAC39B311DCEB2A4B2F5D8461C1CDAF756F4F7AE9
The last 20 bytes of the digest immediately above (bolded in the original post) are the Ethereum address, which matches the "Otherwise" result in the article up top.
*For a compressed public key:*
% echo b96e9ccb774cc33213cbcb2c69d3cdae17b0fe4888a1ccd343cbd1a17fd98b18 | bx ec-to-public
0305b7d0996e99c4a49e6c3b83288f4740d53662839eab1d97d14660696944b8bb
After dropping the leading 0x03 from the compressed public key,
% ./keccak -256 05b7d0996e99c4a49e6c3b83288f4740d53662839eab1d97d14660696944b8bb
1BE3816C914DCFF6C350BBFB1AEC8694FC4F546191026031FEFFB312D342B93B
For grins, I decided to generate a comparable situation for Trezor using its web interface. I used the Trezor (with firmware v1.3.6 and v1.4) recovery instructions for the pertinent 12 word recovery seed, "radar blur cabbage chef fix engine embark joy scheme fiction master release", to see what the results are for an extended M/44'/0'/0'/0 xpub key to contrast to bx calculations. The xpub key resulting from two restores is:
xpub6DHi64TFkDPx2AH4q2ku3vX9LJYNpTis5tLrET8Sb9irp174eCkgtAnvBpyzQXgrtmF31Lrq4gTMGFUGcjJicMu9LdueVdqt6FZ2Wzcg8Fj
% echo "radar blur cabbage chef fix engine embark joy scheme fiction master release" | bx mnemonic-to-seed | bx hd-new -v 76066276 | bx hd-private -d -i 44 | bx hd-private -d -i 0 | bx hd-public -d -i 0
xpub6DHi64TFkDPx2AH4q2ku3vX9LJYNpTis5tLrET8Sb9irp174eCkgtAnvBpyzQXgrtmF31Lrq4gTMGFUGcjJicMu9LdueVdqt6FZ2Wzcg8Fj
Seed word results from Trezor and libbitcoin are consistent!!!
submitted by greatskaht to TREZOR [link] [comments]
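
Added example, not code from joinmarket, NTumbleBit, libbitcoin, Trezor, Electrum or Dash: a from-scratch BIP32/BIP39 implementation in Python (hashlib and hmac only) that reproduces what three posts on this page state and answers the DASH conversion question at the top of the page. reversion() swaps the four version bytes of a serialized extended key, which is all that separates xpub from ypub/zpub in Thomas Voegtlin's table and drkp from xpub in the Dash case (the Dash version bytes are not given here; take them from Dash's chainparams). parse_xpub() and ckd_pub() show that the tpub joinmarket printed for m/0/3/0 in the NTumbleBit notes is public child 0 of the "master for index: 3" tpub (m/0/3): the chain code and public key match and the depth byte is one greater. derive_priv() reproduces the bx pipeline of the seed-portability post: the mnemonic gives private key b96e9ccb... at m/44'/60'/0'/0/0 and the Trezor account xpub at m/44'/0'/0'. All function names are mine; every key string it is checked against is copied from the posts, not generated. The curve arithmetic is not constant time and is meant for verification, not for signing.

```python
"""BIP32 from scratch (hashlib/hmac only) to check what this page states.
Added example: not code from joinmarket, NTumbleBit, libbitcoin, Trezor,
Electrum or Dash. The key strings in the checks are copied from the posts."""
import hashlib, hmac

P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F  # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARD = 0x80000000  # hardened-index flag, the ' in m/44'/0'/0'
B58 = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _add(p1, p2):  # affine point addition; None is the point at infinity
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    lam = (3 * x1 * x1 * pow(2 * y1, P - 2, P) if x1 == x2
           else (y2 - y1) * pow(x2 - x1, P - 2, P)) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def _mul(k, pt):  # double-and-add; not constant time, fine for a demo
    acc = None
    while k:
        if k & 1:
            acc = _add(acc, pt)
        pt, k = _add(pt, pt), k >> 1
    return acc

def _compress(pt):
    return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")

def _decompress(b):  # 33-byte SEC key -> point; rejects off-curve input
    x = int.from_bytes(b[1:], "big")
    rhs = (pow(x, 3, P) + 7) % P
    y = pow(rhs, (P + 1) // 4, P)
    if len(b) != 33 or b[0] not in (2, 3) or pow(y, 2, P) != rhs:
        raise ValueError("not a valid secp256k1 public key")
    return x, (y if (y & 1) == (b[0] & 1) else P - y)

def b58check_decode(s):  # a mistyped xpub fails the checksum here
    n = 0
    for ch in s.encode():
        n = n * 58 + B58.index(ch)
    raw = b"\x00" * (len(s) - len(s.lstrip("1"))) + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if hashlib.sha256(hashlib.sha256(raw[:-4]).digest()).digest()[:4] != raw[-4:]:
        raise ValueError("bad Base58Check checksum")
    return raw[:-4]

def b58check_encode(payload):
    raw = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    n, out = int.from_bytes(raw, "big"), b""
    while n:
        n, r = divmod(n, 58)
        out = B58[r:r + 1] + out
    return (b"1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out).decode()

def parse_xpub(s):  # split a serialized extended key into its BIP32 fields
    raw = b58check_decode(s)
    if len(raw) != 78:
        raise ValueError("not a 78-byte extended key")
    return {"version": raw[:4], "depth": raw[4], "fingerprint": raw[5:9],
            "child": int.from_bytes(raw[9:13], "big"), "chaincode": raw[13:45], "pubkey": raw[45:]}

def reversion(s, version):  # xpub -> zpub, drkp -> xpub: only the label changes, same key material
    return b58check_encode(version + b58check_decode(s)[4:])

def ckd_pub(chaincode, pubkey, i):  # CKDpub: all an xpub holder can do
    if i >= HARD:
        raise ValueError("hardened children need the private key")
    I = hmac.new(chaincode, pubkey + i.to_bytes(4, "big"), hashlib.sha512).digest()
    il = int.from_bytes(I[:32], "big")
    child = _add(_mul(il, G), _decompress(pubkey))
    if il >= N or child is None:
        raise ValueError("invalid child, skip this index (BIP32)")
    return I[32:], _compress(child)

def ckd_priv(chaincode, k, i):  # CKDpriv: hardened steps hash the private key
    data = b"\x00" + k.to_bytes(32, "big") if i >= HARD else _compress(_mul(k, G))
    I = hmac.new(chaincode, data + i.to_bytes(4, "big"), hashlib.sha512).digest()
    il = int.from_bytes(I[:32], "big")
    if il >= N or (il + k) % N == 0:
        raise ValueError("invalid child, skip this index (BIP32)")
    return I[32:], (il + k) % N

def derive_priv(mnemonic, path, passphrase=""):
    """BIP39 seed -> BIP32 master (HMAC keyed 'Bitcoin seed') -> CKDpriv along path."""
    seed = hashlib.pbkdf2_hmac("sha512", mnemonic.encode(), ("mnemonic" + passphrase).encode(), 2048)
    I = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    chaincode, k = I[32:], int.from_bytes(I[:32], "big")
    for i in path:
        chaincode, k = ckd_priv(chaincode, k, i)
    return chaincode, k

def pubkey_of(k):
    return _compress(_mul(k, G))
```

To run it against the posts: parse_xpub() on the "master for index: 3" tpub, then ckd_pub(chaincode, pubkey, 0), must return the chain code and public key found inside the m/0/3/0 tpub of the wallet-tool output; derive_priv("radar blur cabbage chef fix engine embark joy scheme fiction master release", [44 | HARD, 60 | HARD, HARD, 0, 0]) must return the private key b96e9ccb..., and pubkey_of() of it the compressed key 0305b7d0... Two caveats a practitioner should keep in mind: reversion() changes a label, not the key, so a wallet or plugin that trusts the prefix alone to pick a network or script type can be pointed at the wrong one (check a derived address against the device before accepting funds on it); and ckd_pub() refuses hardened indices, which is why Tumblebit's output branch has to sit below a non-hardened path, and why a leaked xpub exposes every address on that branch (a privacy loss) while still not allowing anything to be spent.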

"Watching-only" mobile wallets as an independent, in-person POS solution

In a recent discussion of the heightened interest Bitcoin was receiving from users of Backpage.com, Demotruk suggested that escorts who may be in the position to receive in-person payments of bitcoin bring along a watching-only mobile wallet and keep their private keys on a separate device in another location, thereby providing greater protection against the loss of funds from a stolen mobile phone. I thought this was an excellent idea that tied into my previous attempts to find merchant POS terminal solutions for in-person payments that did not rely upon third-party payment processors. Mycelium Gear was a big step in this direction by providing the tools needed to present dynamic payment addresses on your own website sourced directly from your own Mycelium or Electrum wallet, but I could not figure out how to make it work on a mobile OS.
After discussing this with a couple of Mycelium developers and doing some tests myself, I wanted to present my own findings and expose this functionality that I believe has remained unknown to much of the Bitcoin community. As it stands today, although not well advertised, both the Mycelium wallet (Android only) and the Copay wallet (Android & iOS) will allow you to create watching-only copies of an existing wallet by importing xpub keys. BIP 32 (or, better yet, BIP 44) HD wallets create "xpub" and "xpriv" seeds for each logical account of addresses. Some wallets allow export and/or import of xpub seeds through their user interfaces. Please test all implementations, FIRST, before beginning real world use! Generated addresses and received transactions must show up the same on all devices being employed.
NOTE: Mycelium iOS is not currently compatible with Mycelium Android due to a different BIP 32 path derivation. The iOS version also doesn't allow xpub key import, thus making it unable to handle its own exports.
The text code generated by Copay is long and unwieldy, and you must be sure to transport it to the receiving device intact. If copying from one iOS device to another, I recommend saving the code to a Note page and sending the note via AirDrop. If copying to an Android device, I recommend copying the code into the body of an e-mail that you can either save as a draft to access on the other device or e-mailing if necessary.
Additional Thoughts: Other combinations of wallets are possible, but I haven't tested them. Electrum v2 should work with Mycelium Android, for example. Sentinel is an app that is supposed to serve as the watching-only copy for several BIP 44 wallets. Earlier in the year, user "btchris" over at BitcoinTalk created a compatibility matrix spreadsheet for the various HD wallets. This is linked from his thread here.
In conclusion, I am happy to recommend receive-only copies of HD wallets on mobile devices as a more secure way for merchants to generate dynamic payment addresses in a POS environment while keeping their spending control of received funds on a separate device. Importantly, this is the only way to do this without using a third-party payment processor like Bitpay or Coinbase and all the AML/KYC encumbrances that go along with them.
My recommendations for the future would be standalone POS apps for mobile devices that can import BIP 32/44 xpub keys while improving the user interface for true POS efficiency. Something similar to how the existing Bitpay or Coinbase Merchant apps and other apps from Square and Paypal are designed. The existing full wallets could be upgraded with a "merchant mode" as well. Thanks to Demotruk and the Mycelium developers for their inspiration and assistance!
For fun, try bip32.org
submitted by bits-of-change to Bitcoin [link] [comments]

Proposal: Extended serialization format for BIP-32 | shiva sitamraju | Sep 09 2017

shiva sitamraju on Sep 09 2017:
Hi,
I understand the motivation of adding the birthdate field. However, not
very comfortable with having this in the public key serialization. There
are privacy implication of both the birthday field and having the complete
derivation path, which takes space.
I am fine with Thomas' proposal of {x,y,z}. Having an additional version byte
field looks modular, but since we already have a big enough version
field in bip32, better to use that instead of adding more bytes.
Thomas, can you please explain why we require different version for P2WPKH
or P2WSH versus (P2WPKH or P2WSH) nested in P2SH. It looked to me that they
would have the same output bitcoin address and under same account.
On Fri, Sep 8, 2017 at 2:09 AM, <bitcoin-dev-request at lists.linuxfoundation.org> wrote:
Today's Topics:
  1. Re: Proposal: Extended serialization format for BIP-32
    wallets (Andreas Schildbach)
  2. Re: Proposal: Extended serialization format for BIP-32
    wallets (Pavol Rusnak)
  3. Re: Fast Merkle Trees (Mark Friedenbach)
  4. Re: Proposal: Extended serialization format for BIP-32
    wallets (Thomas Voegtlin)
Message: 1
Date: Thu, 7 Sep 2017 21:35:49 +0200
From: Andreas Schildbach
To: bitcoin-dev at lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Proposal: Extended serialization format for
 BIP-32 wallets 
On 09/07/2017 06:23 PM, Pavol Rusnak via bitcoin-dev wrote:
On 07/09/17 06:29, Thomas Voegtlin via bitcoin-dev wrote:
A solution is still needed to wallets who do not wish to use BIP43
What if we added another byte field OutputType for wallets that do not
follow BIP43?
0x00 - P2PKH output type
0x01 - P2WPKH-in-P2SH output type
0x02 - native Segwit output type
Would that work for you?
I think that would work.
The question is whether this field should be present only if depth==0x00
or at all times. What is your suggestion, Thomas?
In case of Bitcoin Wallet, the depth is not null (m/0'/[0,1]) and still
we need this field. I think it should always be present if a chain is
limited to a certain script type.
There is however the case where even on one chain, script types are
mixed. In this case the field should be omitted and the wallet needs to
scan for all (known) types. Afaik Bitcoin Core is taking this path.
Message: 2
Date: Thu, 7 Sep 2017 22:00:05 +0200
From: Pavol Rusnak
To: Andreas Schildbach , Bitcoin Protocol
 Discussion  
Subject: Re: [bitcoin-dev] Proposal: Extended serialization format for
 BIP-32 wallets 
Message-ID: <40ed03a1-915c-33b0-c4ac-e898c8c733ba at satoshilabs.com>
On 07/09/17 21:35, Andreas Schildbach via bitcoin-dev wrote:
In case of Bitcoin Wallet, the depth is not null (m/0'/[0,1]) and still
we need this field.
But the depth of exported public key will be null. It does not make
sense to export xpub for m or m/0' for your particular case.
I think it should always be present if a chain is
limited to a certain script type.
I am fine with having the path there all the time.
There is however the case where even on one chain, script types are
mixed. In this case the field should be omitted and the wallet needs to
scan for all (known) types. Afaik Bitcoin Core is taking this path.
Is that really the case? Why come up with a hierarchy and then don't use
it?

Best Regards / S pozdravom,
Pavol "stick" Rusnak
CTO, SatoshiLabs
Message: 3
Date: Thu, 7 Sep 2017 13:04:30 -0700
From: Mark Friedenbach
To: Russell O'Connor
Cc: Bitcoin Protocol Discussion
  
Subject: Re: [bitcoin-dev] Fast Merkle Trees
Message-ID: <40D6F502-3380-4B64-BCD9-80D361EED35C at friedenbach.org>
TL;DR I'll be updating the fast Merkle-tree spec to use a different
IV, using (for infrastructure compatibility reasons) the scheme provided by Peter Todd.
This is a specific instance of a general problem where you cannot
trust scripts given to you by another party. Notice that we run into
the same sort of problem when doing key aggregation, in which you must
require the other party to prove knowledge of the discrete log before
using their public key, or else key cancellation can occur.
With script it is a little bit more complicated as you might want
zero-knowledge proofs of hash pre-images for HTLCs as well as proofs
of DL knowledge (signatures), but the basic idea is the same. Multi-
party wallet level protocols for jointly constructing scriptPubKeys
should require a 'delinearization' step that proves knowledge of
information necessary to complete each part of the script, as part of
proving the safety of a construct.
I think my hangup before in understanding the attack you describe was
in actualizing it into a practical attack that actually escalates the
attacker's capabilities. If the attacker can get you to agree to a
MAST policy that is nothing more than a CHECKSIG over a key they
presumably control, then they don't need to do any complicated
grinding. The attacker in that scenario would just actually specify a
key they control and take the funds that way.
Where this presumably leads to an actual exploit is when you specify a
script that a curious counter-party actually takes the time to
investigate and believes to be secure. For example, a script that
requires a signature or pre-image revelation from that counter-party.
That would require grinding not a few bytes, but at minimum 20-33
bytes for either a HASH160 image or the counter-party's key.
If I understand the revised attack description correctly, then there
is a small window in which the attacker can create a script less than
55 bytes in length, where nearly all of the first 32 bytes are
selected by the attacker, yet nevertheless the script seems safe to
the counter-party. The smallest such script I was able to construct
was the following:
 CHECKSIGVERIFY HASH160  EQUAL 
This is 56 bytes and requires only 7 bits of grinding in the fake
pubkey. But 56 bytes is too large. Switching to secp256k1 serialized
32-byte pubkeys (in a script version upgrade, for example) would
reduce this to the necessary 55 bytes with 0 bits of grinding. A
smaller variant is possible:
DUP HASH160  EQUALVERIFY CHECKSIGVERIFY HASH160 
EQUAL
This is 46 bytes, but requires grinding 96 bits, which is a bit less
plausible.
Belts and suspenders are not so terrible together, however, and I
think there is enough of a justification here to look into modifying
the scheme to use a different IV for hash tree updates. This would
prevent even the above implausible attacks.
On Sep 7, 2017, at 11:55 AM, Russell O'Connor
wrote:
On Thu, Sep 7, 2017 at 1:42 PM, Mark Friedenbach
> wrote:
I've been puzzling over your email since receiving it. I'm not sure it
is possible to perform the attack you describe with the tree structure
specified in the BIP. If I may rephrase your attack, I believe you are
seeking a solution to the following:
Want: An innocuous script and a malign script for which
double-SHA256(innocuous)
is equal to either
fast-SHA256(double-SHA256(malign) || r) or
fast-SHA256(r || double-SHA256(malign))
or fast-SHA256(fast-SHA256(double-SHA256(malign) || r1) || r0)
or fast-SHA256(fast-SHA256(r1 || double-SHA256(malign)) || r0)
or ...
where r is a freely chosen 32-byte nonce. This would allow the
attacker to reveal the innocuous script before funds are sent to the
MAST, then use the malign script to spend.
Because of the double-SHA256 construction I do not see how this can be
accomplished without a full break of SHA256.
The particular scenario I'm imagining is a collision between
double-SHA256(innocuous) 
and
fast-SHA256(fast-SHA256(fast-SHA256(double-SHA256(malign) || r2) || 
r1) || r0).
where innocuous is a Bitcoin Script that is between 32 and 55 bytes long.
Observe that when data is less than 55 bytes then double-SHA256(da...[message truncated here by reddit bot]...
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-September/014966.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]

BIP32 Private Key (xpriv) Question

Hey Guys,
I just had one question in regards to BIP32 Private Keys (xpriv)
Is there any service/application where I can provide a Private Key and transfer bitcoin?
It's my understanding BIP32 derives multiple wallets/addresses. If someone were to get a hold of my BIP39 mnemonic (seed), then convert that into a BIP32 private key, how could they steal my bitcoin? If I have multiple wallets? How could someone provide the xpriv key and sign transactions as me?
This is an awesome little tool by DC POS that converts the BIP39 mnemonic into a BIP32 xpub and xpriv pair; it also shows all address derivations: https://dcpos.github.io/bip39/
If you're going to use your own live mnemonic I'd recommend cloning the git, just to be a little safer.
TL;DR Is there an App that takes a BIP32 Private Key and lets me choose derived wallets to use/send receive Bitcoin?
Cheers Guys!
Side Note: I'm totally new to Bitcoin, please be nice :)
submitted by dylanger_ to Bitcoin [link] [comments]

Dice or coin rolls can supply the entropy behind a seed: base 2 (0-1) for a two-sided coin, base 6 (0-5) for a six-sided die, base 16 (0-9, A-F) for a sixteen-sided die, base 20 (0-9, A-J) for a twenty-sided die. Some of the Bitcoin developers then worked together to create BIP32, which defines how a single secret seed can generate a whole tree of child key pairs: instead of keeping a list of every key pair, you keep one seed value that is capable of generating all of them, so only the seed needs to be backed up. An xpub string decodes to raw bytes whose layout (version, depth, parent fingerprint, child number, chain code, public key) is fixed by the BIP32 serialization format. An Extended Public Key, or xpub, is the part of that standard (BIP32) that can be thought of as a read-only view into a wallet: it gives full visibility of every address, transaction and balance in that branch of the wallet, but does not allow spending of any kind.
